From 5e10814eb6c5cf05dcb9d8e0b8fe9c9fa6ffa2f0 Mon Sep 17 00:00:00 2001 From: Taylor Thomas Date: Thu, 12 Oct 2017 18:45:37 -0700 Subject: [PATCH] docs(tiller): Adds documentation for secret backend Adds documentation for running `tiller` with the new secrets backend added in #2721 --- docs/install.md | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/docs/install.md b/docs/install.md index 618b5332c..ea51afd89 100755 --- a/docs/install.md +++ b/docs/install.md @@ -317,6 +317,23 @@ in JSON format. ... ``` +### Storage backends +By default, `tiller` stores release information in `ConfigMaps` in the namespace +where it is running. As of Helm 2.7.0, there is now a beta storage backend that +uses `Secrets` for storing release information. This was added for additional +security in protecting charts in conjunction with the release of `Secret` +encryption in Kubernetes. + +To enable the secrets backend, you'll need to init Tiller with the following +options: + +```shell +helm init --override 'spec.template.spec.containers[0].command'='{/tiller,--storage=secret}' +``` + +Currently, if you want to switch from the default backend to the secrets +backend, you'll have to do the migration for this on your own. When this backend +graduates from beta, there will be a more official path of migration ## Conclusion